Re: INFO in NRE SecurityUtils

2008-09-12 Thread Avi Flax 
On Fri, Sep 12, 2008 at 04:17, Thierry Boileau
<[EMAIL PROTECTED]>wrote:


> that makes sense. I notice also that in Restlet 1.1 no message is logged
> when the response is successfully parsed (class "HttpBasicHelper"). I've
> updated the svn repository.
>

Great, thanks Thierry!

Re: INFO in NRE SecurityUtils

2008-09-12 Thread Thierry Boileau 

Hello Avi,

that makes sense. I notice also that in Restlet 1.1 no message is logged 
when the response is successfully parsed (class "HttpBasicHelper"). I've 
updated the svn repository.


Best regards,
Thierry Boileau
--
Restlet ~ Core developer ~ http://www.restlet.org 
Noelios Technologies ~ Co-founder ~ http://www.noelios.com 




I'm using 1.0, so this may already be fixed in 1.1, but a quick search 
of the list didn't turn up anything, so I thought I'd ask.


I'm using Basic HTTP Auth, and I've implemented a subclass of Guard, 
wherein I've overridden doHandle(). I know that's not the recommended 
approach, but I don't think it's relevant to this question.


I keep seeing entries in my logs that look like this:

Sep 11, 2008 6:02:50 PM com.noelios.restlet.util.SecurityUtils 
parseResponse

INFO: Basic HTTP authentication succeeded: identifier=avif.

The thing is, this is even in cases where basic auth fails, in my 
Guard, wherein I call challenge(response). 

I think this log record is really just saying "I was able to 
successfully parse the Authorization header into a ChallengeResponse 
object", which is good info, but: (A) it should be a FINE or FINER, 
not an INFO, and (B) the message is misleading.


Does that make sense?

Thanks,
Avi

--
Avi Flax » Lead Technologist » Partner » Arc90 » http://arc90.com

INFO in NRE SecurityUtils

2008-09-11 Thread Avi Flax 
I'm using 1.0, so this may already be fixed in 1.1, but a quick search of
the list didn't turn up anything, so I thought I'd ask.
I'm using Basic HTTP Auth, and I've implemented a subclass of Guard, wherein
I've overridden doHandle(). I know that's not the recommended approach, but
I don't think it's relevant to this question.

I keep seeing entries in my logs that look like this:

Sep 11, 2008 6:02:50 PM com.noelios.restlet.util.SecurityUtils parseResponse
INFO: Basic HTTP authentication succeeded: identifier=avif.

The thing is, this is even in cases where basic auth fails, in my Guard,
wherein I call challenge(response).

I think this log record is really just saying "I was able to successfully
parse the Authorization header into a ChallengeResponse object", which is
good info, but: (A) it should be a FINE or FINER, not an INFO, and (B) the
message is misleading.

Does that make sense?

Thanks,
Avi

-- 
Avi Flax » Lead Technologist » Partner » Arc90 » http://arc90.com